Get the latest news about SolarWinds Security Event Manager (SEM)
Any plans, or current capabilities, to script SEM commands for searching and/or commands? Obviously it must be capable of being done since the HTML UI can access the SEM data store and make changes. The reason I'm asking is that I'd like to automate the removal of nodes that have not registered an event over the last X…
We rely on SEM sending email for external alerting, including auto-generating incidents. In the not-too-distant future, support for auto-generating incidents via email will be going away, so I need to find another way. Calling a REST API from SEM would be the preferred method but that isn't an available action. Any reasons…
Curious if anyone has seen this or how people are dealing with it. My understanding is that the SEM agent doesn't actually use any of the vulnerable classes in Log4j but Tenable is flagging the files based on version number which right now is 1.x which is out of support so it's flagged as a vulnerability. Whether or not…
Hi team, I need some clarity on logs displayed on my SolarWinds SEM. I need to know the difference between InsertedIP and DetectionIP; many times it displays the same entry. Thanks.
Hello everyone. My team is looking for a SIEM and SEM looks promising. I see that it can pull logs & events from Windows nodes via agent. What kind of user activity would that agent be able to pull to send to SEM? This is in an AD environment, domain-joined PCs. Would it only be able to capture logon/logoff events? Or can…
I feel like I remember it being possible to create our own connectors in SEM, but I don't see the ability anywhere. Is this not possible? There are a few logs on a server I would like to monitor that doesn't have a built-in connector.
Hi Forum, I'm new to SolarWinds SEM, particularly the Linux Connector and logs selected. I'm not sure if anyone can assist me in translating the event titles that are displayed on the Event Details tab. The output is slightly different from Windows, and I cannot find the destination machine and source machine on failed…
I have certain logs that I would like to keep on a node that I don't want to keep in SEM. For example, I would like SEM to monitor the System log in Windows Server. I would like SEM to ignore anything marked "Information" and log everything else. Is there a way to do this? Everything I have found indicates I should instead…
Hi, in order to remove the license on SolarWinds, I need to execute the command on the server before they are going to terminate. Is there any way to remove the node from the Linux agent by using API call?
We have an OU in Windows Active Directory specifically for disabled user objects, with sub-OUs for different departments. For example, the base OU is OU=Disabled Users,DC=domain,DC=com, with child OUs of OU=Department,OU=Disabled Users,DC=domain,DC=com. Is there a way to alert on a user object in the base or child OUs when…